brakit 0.8.3 → 0.8.5
- package/dist/api.d.ts +26 -9
- package/dist/api.js +221 -112
- package/dist/bin/brakit.js +598 -282
- package/dist/dashboard.html +2652 -0
- package/dist/mcp/server.js +195 -90
- package/dist/runtime/index.js +1045 -386
- package/package.json +3 -2
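--- a/package/dist/api.d.ts
+++ b/package/dist/api.d.ts
@@ -1,6 +1,6 @@
 import { IncomingHttpHeaders } from 'node:http';
 
-type HttpMethod = "GET" | "POST" | "PUT" | "PATCH" | "DELETE" | "HEAD" | "OPTIONS"
+type HttpMethod = "GET" | "POST" | "PUT" | "PATCH" | "DELETE" | "HEAD" | "OPTIONS";
 type FlatHeaders = Record<string, string>;
 interface TracedRequest {
 id: string;
@@ -19,7 +19,7 @@ interface TracedRequest {
 }
 type RequestListener = (req: TracedRequest) => void;
 
-type Framework = "nextjs" | "remix" | "nuxt" | "vite" | "astro" | "custom" | "unknown";
+type Framework = "nextjs" | "remix" | "nuxt" | "vite" | "astro" | "flask" | "fastapi" | "django" | "custom" | "unknown";
 interface DetectedProject {
 framework: Framework;
 devCommand: string;
@@ -79,7 +79,7 @@ interface TracedError extends TelemetryEntry {
 }
 type NormalizedOp = "SELECT" | "INSERT" | "UPDATE" | "DELETE" | "OTHER";
 interface TracedQuery extends TelemetryEntry {
-driver: "pg" | "mysql2" | "prisma" |
+driver: "pg" | "mysql2" | "prisma" | "sdk";
 sql?: string;
 model?: string;
 operation?: string;
@@ -160,8 +160,11 @@ interface SecurityFinding {
 count: number;
 }
 
+declare const FINDINGS_DATA_VERSION = 1;
+
 type FindingState = "open" | "fixing" | "resolved";
 type FindingSource = "passive";
+type AiFixStatus = "fixed" | "wont_fix";
 interface StatefulFinding {
 /** Stable ID derived from rule + endpoint + description hash */
 findingId: string;
@@ -172,9 +175,13 @@ interface StatefulFinding {
 lastSeenAt: number;
 resolvedAt: number | null;
 occurrences: number;
+/** What AI reported after attempting a fix */
+aiStatus: AiFixStatus | null;
+/** AI's summary of what was done or why it can't be fixed */
+aiNotes: string | null;
 }
 interface FindingsData {
-version:
+version: typeof FINDINGS_DATA_VERSION;
 findings: StatefulFinding[];
 }
 
@@ -220,7 +227,7 @@ interface PreparedInsightContext extends InsightContext {
 endpointGroups: ReadonlyMap<string, EndpointGroup>;
 }
 
-type InsightState =
+type InsightState = FindingState;
 interface StatefulInsight {
 key: string;
 state: InsightState;
@@ -230,6 +237,8 @@ interface StatefulInsight {
 resolvedAt: number | null;
 /** Consecutive recompute cycles where the insight was not detected. */
 consecutiveAbsences: number;
+aiStatus: AiFixStatus | null;
+aiNotes: string | null;
 }
 
 declare class FindingStore {
@@ -244,6 +253,7 @@ declare class FindingStore {
 stop(): void;
 upsert(finding: SecurityFinding, source: FindingSource): StatefulFinding;
 transition(findingId: string, state: FindingState): boolean;
+reportFix(findingId: string, status: AiFixStatus, notes: string): boolean;
 /**
 * Reconcile passive findings against the current analysis results.
 *
@@ -258,7 +268,9 @@ declare class FindingStore {
 getByState(state: FindingState): readonly StatefulFinding[];
 get(findingId: string): StatefulFinding | undefined;
 clear(): void;
-private
+private loadAsync;
+/** Sync load for tests only — not used in production paths. */
+loadSync(): void;
 private flush;
 private flushSync;
 private serialize;
@@ -317,8 +329,8 @@ declare class AdapterRegistry {
 }
 
 interface AnalysisUpdate {
-insights: Insight[];
-findings: SecurityFinding[];
+insights: readonly Insight[];
+findings: readonly SecurityFinding[];
 statefulFindings: readonly StatefulFinding[];
 statefulInsights: readonly StatefulInsight[];
 }
@@ -329,7 +341,8 @@ interface ChannelMap {
 "telemetry:error": Omit<TracedError, "id">;
 "request:completed": TracedRequest;
 "analysis:updated": AnalysisUpdate;
-"
+"findings:changed": readonly StatefulFinding[];
+"store:cleared": undefined;
 }
 type Listener<T> = (data: T) => void;
 declare class EventBus {
@@ -362,6 +375,7 @@ interface TelemetryStoreInterface<T extends TelemetryEntry> {
 }
 interface RequestStoreInterface {
 capture(input: CaptureInput): TracedRequest;
+add(entry: TracedRequest): void;
 getAll(): readonly TracedRequest[];
 clear(): void;
 }
@@ -377,6 +391,7 @@ interface MetricsStoreInterface {
 interface FindingStoreInterface {
 upsert(finding: SecurityFinding, source: FindingSource): StatefulFinding;
 transition(findingId: string, state: FindingState): boolean;
+reportFix(findingId: string, status: AiFixStatus, notes: string): boolean;
 reconcilePassive(findings: readonly SecurityFinding[]): void;
 getAll(): readonly StatefulFinding[];
 getByState(state: FindingState): readonly StatefulFinding[];
@@ -393,6 +408,7 @@ interface AnalysisEngineInterface {
 getFindings(): readonly SecurityFinding[];
 getStatefulInsights(): readonly StatefulInsight[];
 getStatefulFindings(): readonly StatefulFinding[];
+reportInsightFix(enrichedId: string, status: AiFixStatus, notes: string): boolean;
 }
 
 interface ServiceMap {
@@ -430,6 +446,7 @@ declare class AnalysisEngine {
 getFindings(): readonly SecurityFinding[];
 getStatefulFindings(): readonly StatefulFinding[];
 getStatefulInsights(): readonly StatefulInsight[];
+reportInsightFix(enrichedId: string, status: AiFixStatus, notes: string): boolean;
 private scheduleRecompute;
 recompute(): void;
 }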
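Review bot: The new `reportFix(findingId, status, notes)` declarations (in `FindingStore` and `FindingStoreInterface`) and `reportInsightFix` (in `AnalysisEngineInterface` and `AnalysisEngine`) have no doc comment saying how an AI-reported `AiFixStatus` relates to `FindingState`, so the typings do not tell a consumer whether a self-reported `"fixed"` or `"wont_fix"` can take a security finding out of `"open"`. The implementation lives outside this file and these class and interface bodies extend beyond the hunks shown, so this is a question rather than a confirmed defect; if the report alone changes state, a finding could be closed on an unverified claim. I would document the contract on each declaration, e.g. `/** Records the AI's self-reported outcome; the finding is resolved only when reconciliation no longer observes it. */`, adjusted to the real behaviour. On `aiNotes` I would extend the existing comment to say it is free-form model output that should be length-limited on write and escaped before the dashboard renders it.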